[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] FTP PORT command code in v1.16.3?
|
From: |
Tim Ruehsen |
|
Subject: |
Re: [Bug-wget] FTP PORT command code in v1.16.3? |
|
Date: |
Tue, 11 Aug 2015 17:40:42 +0200 |
|
User-agent: |
KMail/4.14.2 (Linux/4.1.0-1-amd64; KDE/4.14.2; x86_64; ; ) |
On Tuesday 11 August 2015 17:24:42 Giuseppe Scrivano wrote:
> Tim Ruehsen <address@hidden> writes:
> > * src/ftp.c (getftp): Do not use PORT when PASV fails.
> > * tests/FTPServer.px: Add pasv_not_supported server flag.
> > * tests/Makefile.am: Add Test-ftp-pasv-not-supported.px
> > * tests/Test-ftp-pasv-not-supported.px: New test
> >
> > Fix IP address exposure when automatically falling back from
> > passive mode to active mode (using the PORT command). A behavior that
> > may be used to expose a client's privacy even when using a proxy.
>
> ACK from me. Could you please also update NEWS? It looks like some
> important change we want to inform people about :)
>
> Regards,
> Giuseppe
Updated NEWS and the description in tests/Test-ftp-pasv-not-supported.px.
Tim
0001-Fix-IP-address-exposure-in-FTP-code.patch
Description: Text Data
signature.asc
Description: This is a digitally signed message part.